I'm not posting as someone in-the-know about the state of the FreeBSD stack --- I trust the security team to divulge things as required, BUT ...

... the examples of vulnerable things in that article to reference lead me to conclude that the stacks in question are "libraries" ... likely, but not necessarily, written in C for systems running in an operating system-less environment.

The easiest way to think about this is to look at the "ATmega" line (also known as Arduino). This is an 8-bit processor and the C development kit allows you to link in all kinds of stuff --- from filesystems and micro-sd card support to wifi and IP/IPv6 support. The same libraries are used when the target is a more powerful ARM chip --- but one similarly running without something as full-fledged as an OS --- or even when a very small vestige of an OS includes these libraries.

You could think of these libraries like "what if someone wrote an IP stack for the Commodore 64 and then also ported it to the Amiga" ... as a computer without an operating system and then a port to a computer with an operating system with no concept of networking.

At any rate, these, in general, do not even resemble the network stack in FreeBSD... or indeed any other full fledged operating system.

Hopefully this tidbit helps in some small way.

On Wed, Dec 9, 2020 at 12:59 AM Hartmann, O. <ohartmann_at_walstatt.org> wrote:

> Hello,
> I've got a question about recently discovered serious vulnerabilities
> in certain TCP stack implementations, designated as AMNESIA:33 (as far
> as I could follow the recently made announcements and statements,
> please see, for instance,
>
> https://www.zdnet.com/article/amnesia33-vulnerabilities-impact-millions-of-smart-and-industrial-devices/
> ).
>
> All mentioned open-source TCP stacks seem not to be related in any way
> with FreeBSD or any derivative of the FreeBSD project, but I do not
> dare to make a statement about that.
>
> My question is very simple and aims towards calming down my employees'
> requests: is FreeBSD potentially vulnerable to this newly discovered
> flaw (we use mainly 12.1-RELENG, 12.2-RELENG, 12-STABLE and 13-CURRENT,
> latest incarnations, of course, should be least vulnerable ...).
>
> Thanks in advance,
>
> O. Hartmann
>

Received on Wed Dec 09 2020 - 19:51:38 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:26 UTC